Internet Password Security Tips

Internet Password Security

Internet password security usually takes a back seat to memorability. Based on anecdotal evidence, passwords are built on something that is easy to remember and usually contain a bit of personal information (birthday, phone number, names of family members). And then that password gets used over and over again.

Most people aren’t at much risk of identity theft or hacking, but it happens. Even the author of this post has had accounts hacked; most recently, someone broke into a Hotmail account that has never been used for email and then proceeded to spam my contacts, which were miraculously imported from Facebook, yay. I’ve had blogs hacked because some user used an easy-to-hack password. In fact, they used ‘password’ as their password.

It is not secure, and anyone who wants to break in could with a simple brute force attack.

The economics of hacking play out thusly: if the value of the information is worth more than the difficulty of accessing it, you are a target. People spend most of their lives building value; on some level that is all that we try to do, whether it be money or collections or even just improving quality of life. So you need to focus on making it more difficult to access your information. That means that your dumb password needs to be changed.

Email is usually a big target. My hacker sent spam, which frankly is cheap to send (as email addresses are to acquire), and slightly offended me. The other reason your email gets hacked is that it unlocks ALL of your other passwords, at least the ones signed up on that email address. My hacker also set up a Twitter account. It looked like a real person, but the account followed a bunch of spammy accounts. Usually hackers are data miners, not data farmers.

Anyways, here are a couple of password tips for security and memorization.

Use a string of words that is easy for you to remember. KyleAlmisthebomb is my WiFi password (used nowhere else); it’s easy to remember, and it’s a fun thing to tell guests over and over again until they spell it right.

Use your phone number backwards while holding the shift key: )&!$@#&)^# Why didn’t I think of that before?

Use two-factor authentication. That means a smartphone app, or getting a text to verify your login. Google and Facebook use this for added security.

Use OpenID. You can use Facebook, Google, or Twitter to sign in to a lot of websites now. If you do this, use two-factor authentication.

Use LastPass.

And a couple of don’ts:

Don’t use a dictionary word like ‘password’, or you are vulnerable to brute force attacks, which are essentially programs trying words out of a dictionary list until they find one that works.

Don’t save your passwords in your browser; it’s not secure. It was a recent flaw in Google Chrome that prompted this post in the first place.

Don’t use your birthday, Social Security Number, phone number, address, or any other form of ID that could be acquired.

And don’t use any of these most common passwords:

  • password
  • 123456
  • 12345678
  • abc123
  • qwerty
  • monkey
  • letmein
  • dragon
  • 111111
  • baseball
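
The don’ts above can be turned into a check that runs when a password is chosen. This is an added example, not part of the original post: `check_password`, `SAMPLE_WORDS` and the sample personal values are constructed for illustration, and a US keyboard layout is assumed. It also treats a number typed backwards or with the shift key held as the same number, since both changes are easy to undo.

```python
import re

# The ten most common passwords listed in this post.
COMMON = {"password", "123456", "12345678", "abc123", "qwerty",
          "monkey", "letmein", "dragon", "111111", "baseball"}

# Constructed stand-in for a real dictionary word list (assumption).
SAMPLE_WORDS = {"password", "monkey", "dragon", "baseball",
                "sunshine", "welcome"}

# US-layout Shift+digit symbols mapped back to the digits they sit on.
UNSHIFT = str.maketrans(")!@#$%^&*(", "0123456789")


def digits_of(text):
    """Digits in text after undoing Shift on the number row."""
    return re.sub(r"\D", "", text.translate(UNSHIFT))


def check_password(candidate, personal=(), words=SAMPLE_WORDS):
    """Return the list of rules from the post that candidate breaks.

    personal holds strings an outsider could acquire: names,
    birthday, phone number, address (hypothetical caller input).
    """
    problems = []
    lowered = candidate.lower()
    if lowered in COMMON:
        problems.append("common password")
    if lowered in words:
        problems.append("dictionary word")
    cand_digits = digits_of(candidate)
    for item in personal:
        name = item.lower()
        num = digits_of(item)
        # Names and addresses: plain case-insensitive substring match.
        by_text = len(name) >= 3 and name in lowered
        # Numbers: match forwards or reversed, shifted or not.
        by_digits = len(num) >= 4 and (
            num in cand_digits or num[::-1] in cand_digits)
        if by_text or by_digits:
            problems.append("contains personal info: " + item)
    return problems


if __name__ == "__main__":
    # Constructed sample: the phone number 555-0142 reversed and shifted.
    print(check_password("@$!)%%%", personal=["555-0142"]))
```
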